Privacy Policy

Epochal Health Solutions LLC, doing business as Phronos

Overview

This Privacy Policy describes how Epochal Health Solutions LLC, doing business as Phronos ("we," "us," or "our"), collects, uses, shares, and protects information when you participate in instruments and services provided through phronos.org and associated platforms.

Phronos is a cognitive research platform. Our approach to data is grounded in a core principle: your data belongs to you. Participation is voluntary. Consent is explicit. We lead with openness because openness is the only path to trust.

This policy should be read alongside our Terms of Service and Constitution, which establish the foundational principles governing our work.

Information We Collect

Information You Provide

When you participate in Phronos instruments, we collect the responses you submit. For INS-001 (Semantic Cartography), this includes:

• Target word: The word you choose for others to guess.
• Clue words: The five one-word associations you provide.
• Consent record: Your affirmative consent to data processing.

We do not require account creation. We do not collect your name, email address, or other personal identifiers unless you voluntarily provide them (for example, by contacting us).

Information Generated Through Processing

Your responses are processed to generate cognitive telemetry:

• Divergence score: A measure of semantic distance between your associations and statistically typical associations.
• Convergence score: A measure of how effectively an AI system can reconstruct your target from your clues.
• Embedding vectors: Mathematical representations of your word inputs, generated by third-party services.

Information Collected Automatically

When you access Phronos, we automatically collect certain technical information:

• IP address: Used for security, fraud prevention, and approximate geolocation (country/region level).
• Browser and device information: Browser type, operating system, screen resolution, and device identifiers.
• Usage data: Pages visited, time spent, interactions with instruments, and referral sources.
• Cookies and similar technologies: We use essential cookies to maintain session state. We do not use advertising or tracking cookies.

How We Use Information

We use collected information for the following purposes:

To Provide Instrument Results

Your responses are processed to generate your divergence and convergence scores and to display your results.

To Advance Research

With your consent, anonymized responses are aggregated into the Phronos data commons. This aggregated data supports research into human cognition and human-AI interaction. Individual responses cannot be reconstructed from aggregated data.

To Improve Our Instruments

We analyze patterns in responses to refine our methods, improve scoring algorithms, and develop new instruments. This analysis is conducted on anonymized data.

To Maintain Security and Integrity

Technical logs are used to detect and prevent fraud, abuse, and security threats, and to ensure the reliability of our services.

To Comply with Legal Obligations

We may process information as necessary to comply with applicable laws, regulations, or legal processes.

Third-Party Data Sharing

We share information with third parties only as described below. We do not sell participant data.

Service Providers

OpenAI, Inc. — Your word inputs (target word and clues) are transmitted to OpenAI's text-embedding-3-small model to generate vector embeddings used in scoring. OpenAI's API data usage policy states that API inputs are not used to train their models. For details, see OpenAI's API Data Usage Policies.

Anthropic, PBC — Your inputs may be processed by Anthropic's Claude (Haiku model) to support instrument functionality, including convergence scoring. Anthropic's API terms state that API inputs are not used to train their models. For details, see Anthropic's Privacy Policy.

Vercel, Inc. — Our platform is hosted on Vercel's infrastructure. Vercel processes technical data (IP addresses, request logs) as part of service delivery. For details, see Vercel's Privacy Policy.

Research Collaborators

We may share anonymized, aggregated data with academic researchers, institutions, and collaborators for purposes consistent with our mission. Such sharing will be governed by data use agreements that prohibit re-identification and require ethical use.

Legal Requirements

We may disclose information if required by law, subpoena, court order, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

In the event of a merger, acquisition, or sale of assets, participant data may be transferred to the successor entity. We will notify participants of any such transfer and any changes to this Privacy Policy.

Data Retention

We retain information according to the following schedule:

After the retention period, identifiable session data is either deleted or irreversibly anonymized and merged into the aggregated data commons.

You may request deletion of your identifiable session data at any time (see "Your Rights" below).

Your Rights

You have the following rights regarding your information:

Access

You may request a copy of the session data we hold about you. Because we do not require accounts, you will need to provide sufficient information to locate your records (such as approximate date and time of participation).

Deletion

You may request deletion of your identifiable session data. Upon verified request, we will delete or anonymize your data within 30 days. Deletion does not affect data that has already been anonymized and aggregated, as such data can no longer be linked to you.

Correction

If you believe any information we hold about you is inaccurate, you may request correction.

Data Portability

You may request your session data in a structured, machine-readable format.

Withdrawal of Consent

You may withdraw your consent to data processing at any time. Withdrawal does not affect the lawfulness of processing conducted prior to withdrawal.

Opt-Out of Research Use

If you wish to participate in instruments but do not want your anonymized data included in the research commons, please contact us before participating. We can provide a research-exempt participation mode.

To exercise any of these rights, contact us at privacy@phronos.org.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You may request information about the categories and specific pieces of personal information we have collected, the sources of collection, the purposes of collection, and the categories of third parties with whom we share information.
• Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You may request correction of inaccurate personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

To submit a request, contact privacy@phronos.org. We will verify your identity before processing your request.

Data Security

We implement reasonable administrative, technical, and physical safeguards to protect information from unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption of data in transit (TLS/HTTPS)
• Access controls limiting data access to authorized personnel
• Regular security assessments
• Secure third-party service providers

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we commit to promptly addressing any security incidents and notifying affected participants as required by law.

International Data Transfers

Phronos is operated from the United States. If you participate from outside the United States, your information will be transferred to and processed in the United States. By participating, you consent to this transfer.

We rely on standard contractual clauses and other lawful transfer mechanisms where required for international data transfers.

Children's Privacy

Phronos instruments are designed for individuals aged 13 and older. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will delete it promptly.

If you believe a child under 13 has provided us with personal information, please contact us at privacy@phronos.org.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted to phronos.org with an updated effective date. We encourage you to review this policy periodically.

If we make changes that materially affect how we handle previously collected information, we will make reasonable efforts to notify participants.

The Constitution

This Privacy Policy operates within the framework established by the Phronos Constitution, which articulates our foundational commitments:

• Axiom V: Those who engage with Phronos instruments are participants, not users. We owe participants transparency, clarity, and honesty.
• Axiom VI: Your data belongs to you. Participation is voluntary. Consent is explicit. Data shared for one purpose will not be repurposed without permission. Participant data is never sold.
• Axiom VII: We lead with openness because openness is the only path to trust.

If any provision of this Privacy Policy conflicts with the Constitution, the Constitution governs.

Contact

Questions, concerns, or requests regarding this Privacy Policy may be directed to:

Epochal Health Solutions LLC, dba Phronos
Email: privacy@phronos.org

For general inquiries: interest@phronos.org

This document is part of Phronos governance. For our foundational principles, see the Phronos Constitution.